Free Republic
Browse · Search 		Bloggers & Personal
Topics · Post Article

To: All

Blog:

http://ddanchev.blogspot.com/2009/11/koobface-botnets-scareware-business.html

WEDNESDAY, NOVEMBER 11, 2009
“Koobface Botnet’s Scareware Business Model - Part Two”

(Posted by Dancho Danchev at Wednesday, November 11, 2009)

SNIPPET: “UPDATED - Tuesday, November 17, 2009: Koobface is resuming scareware (Inst_312s2.exe) operations at 91.212.107.103 which was taken offline for a short period of time. ISP has been notified again, action should be taken shortly. The current domain portfolio including new ones parked there:”


9 posted on 11/18/2009 2:59:24 AM PST by Cindy
[ Post Reply | Private Reply | To 8 | View Replies ]

To: All

Blog:

http://ddanchev.blogspot.com/2009/11/massive-scareware-serving-blackhat-seo.html

TUESDAY, NOVEMBER 17, 2009
“Massive Scareware Serving Blackhat SEO, the Koobface Gang Style”

(Posted by Dancho Danchev at Tuesday, November 17, 2009)

SNIPPET: “Ali Baba and the 40 thieves LLC are once again multi-tasking, this time compromising hundreds of thousands of web sites, and redirecting Google visitors — through the standard http referrer check — to scareware serving domains.

What’s so special about the domains mentioned in Cyveillance’s post, as well as the ones currently active on this campaign? It’s the Koobface connection.”


10 posted on 11/18/2009 3:01:31 AM PST by Cindy
[ Post Reply | Private Reply | To 9 | View Replies ]

Free Republic
Browse · Search 		Bloggers & Personal
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson